Return to

Reports of AMD vulnerabilities are greatly exaggerated

Sorry I originally posted to a dead thread …

AMD’s response is entirely correct concerning latest so-called vulnerability by Austrian security researchers. Here is my synopsis of the issues presented

To summarize the paper’s side channel attack: 1) The user starts a browser and goes to a evil site that starts up a malware Javascript process thread L1 data cache of core “X”. 2) The user has another process thread using the the same core “X” that is encrypting/decrypting (i.e., using AES key encryption) some text. The malware site needs to install a “special timer” application on the users computer to time the cache collisions with encryption thread (to get around the Address-Space Layout Randomization ASLR). The malware is then able to determine parts of the private encryption/decryption key through cache hit timings.

The main problem with this the stock browsers “do not” have the required timers to perform the attack. Therefore, the only way to perform the attack is to “manually” install a timer that has enough granularity to perform the side channel attacks. The malware needs to break the browser’s sandbox or get the user to install some additional malware. This is identified in a referenced paper “ASLR on the Line: Practical Cache Attacks on the MMU,” (Ben Gras). To quote the paper:

“To implement AnC, we needed to implement better synthetic timers than the one provided by the current browsers.”

This attack appears not to hurt individual single user PCs, unless there was direct malware attack (i.e., broken sandbox, malware downloaded and installed). At that point your PC has already been pwnd. Then the side channel attack doesn’t matter anymore.

Where this attack would be possible would be on a multi-user server (unusual archaic use case) or on a multi-user virtual server (usual use case). Since the paper doesn’t include anything specific this type of attack, I can only assume companies that provide virtual services like AWS, Azure, Google Web Services, Citrix, and VMWare have mitigations for these types of attacks (i.e.,L1 data cache flushing between third party communal core usage). As for a multi-user system (rare case), I would suggest turning off multi-threading. I suspect an AMD 64 core system is plenty of horse power for most situations.

An additional security mitigation would to not provide a nanosecond timer to the user space without the user and/or executable having the appropriate kernel access permissions. The kernel could expose timers to the user space with the bottom 6-7 bits masked. Special applications that require high quality timers would be installed with that privilege (i.e., databases, real time systems). This wouldn’t stop malware attacking the kernel. If someone has Kernel level access, the game is over anyways.


Can’t upvote enough. Is very similar to the CTS Flaws thing.

You used to be able to get a fairly strong timer by using a CPU chewing WebWorker, a Javascript worker thread.

Did the browsers also close that down, and if so how?

Reports of most CPU vulnerabilities are greatly over-exaggerated. Now can we stop pretending that we are electing the CPU of 2020?

1 Like

Could probably throw some JS together to test.

Note: If the browsers did not, then one of the script or adblockers everyone has, will block that.

I don’t understand what browser counters are available in Javascript. My understanding is what I have read about mitigations browser makers like Mozilla and Google have added to their respective browsers. I would be interested if you were able to obtain a good counter in your Javascript test. Although, I believe the researchers when they say they aren’t able get the browser to do the side channel attack without malware.

If I wanted to scare everyone, I would write a paper that uses a standard browser as an attack vector. But buried in the references it tells you that you have to break the browser for the attack to succeed.

The paper could have said, “we persuaded a user to download, via a browser, malware that allowed us to read their encryption keys.” That would be more understandable. (Please excuse my exaggeration :wink: